As 2020 came to an end, the world has seen an uptick in hacking and hacking attempts. Since the global pandemic began to send more into isolation and governments encourage their citizens to stay home, hacking attempts have also been on the rise.
March 3, 2020
As 2020 came to an end, the world has seen an uptick in hacking and hacking attempts. Since the global pandemic began to send more into isolation and governments encourage their citizens to stay home, hacking attempts have also been on the rise. According to a Forbes Magazine article, the top 5 hacking trends of 2021 are “Artificial intelligence (AI) will play an increasing role in both cyber-attack and defense, Political and economic divisions between east and west lead to increased security threats, Political interference increasingly common and increasingly sophisticated, The cybersecurity skills gap continues to grow, Vehicle hacking and data theft increases.” However, hindsight is, funnily enough, 2020. This article was published in January of 2020, just a couple of months before the global emergence of COVID-19, reinventing many aspects of how we use technology daily.
As the year proceeded, we saw many different hacking attempts had gained popularity. Cell phone hacks, CMS security breaches, video communication software hacks, social media hacking, QR code hacks, and election-related hacks have gained a prevalence within 2020. These hacks and hacking attempts are projected to achieve a more significant presence in 2021.
Cell Phone Hacks
Cell phone hacks have steadily gained prevalence in the hacking world. How can you keep yourself from being the victim of a cell phone hack? Verizon Wireless states that you should not give out personal information; this includes text messages that might look like they are from your bank. If you do have a concern, it is best to contact the business in question directly. This may be a phishing attempt to gain access to your valuable information and even compromise your device.
Keeping your cellphone password protected. Wired Magazine states that "Passcodes, PINs, passphrases, and patterns act as the core defense to any biometric methods of unlocking your phone." Wired encourages password protection stating that "While none of the security methods are completely foolproof, the passcode or PIN seems to be the best defense against attackers wanting to access your phone." Password protection keeps your information from being stolen, whether from merely losing a device or hacking.
CMS Security Breaches
CMS (Content Management Systems) security breaches have also gained prevalence this year, as many much of the globe’s workforces are working from home. Joomla, WordPress, Drupal, and SharePoint have been some of the most popularly hacked CMS platforms.
According to Infosecurity Magazine, “WordPress accounted for 90% of hacked websites in 2018, up from 83% in 2018. There was a steep drop before Magento (4.6%) and Joomla (4.3%) in second and third. The latter two had dropped from figures of 6.5% and 13.1% respectively in 2017.” WordPress has been noted as one of the most hacked content management systems, and with statistics like these revealed by WordPress owners Go-Daddy, it is no shock as to how often these hacking attempts can occur. WordPress is one of the most used content management systems available, so this large-scale hacking that has been noted to occur makes sense.
According to Joomla, a security incident breach exposed thousands of users’ personal information. Joomla states that potential data affected may be the disclosure of your full name, business address, business email address, business phone number, company URL, nature of the business, password, IP address, and newsletter subscription information. Joomla states that many of the negative impacts of the breach are low. Joomla notes there is a potential for low has implications due to financial loss, reputation damage, discrimination, identity theft, and any other economic impacts. Though most of the negative impacts stated are low, Joomla does state that limitations of data subject rights are of medium risk and loss of control over data is of high risk.
Video Conference Hacks
As many of the globe’s workforce is working from home, video conference systems have become commonplace in many lives. Although, as the popularity of video conferencing has risen so have the hacking attempts perpetrated against these Softwares. Zoom, the popular video meeting service that has upstaged skype in popularity in recent months, allowed several people to enter a private zoom meeting that included the UK Prime Minister and several cabinet members.
How did this happen? The UK Prime Minister, Boris Johnson, tweeted out a screenshot of the private zoom meeting. You might think that this simple tweet was harmless. However, unfortunately, this was not so. The tweeted screenshot included the meeting identification number. This allows users to try to join the meeting. The only safe wall in place was a password-protected meeting. As some of you may know, in order to access a Zoom Meeting, you may be asked for a password. Thankfully, the password was not tweeted as well.
Social Media Hacks
Social media hacks have made the news in 2020, as well. Check Point Software Technologies (an independent cybersecurity firm) disclosed worrying details in a recent report published regarding a vulnerability within the Instagram application. The exposure reportedly affected Android devices with the Instagram application. This vulnerability could have allowed hackers to access and control a device when a user saves an image to their device. Typically, the image in question has been sent to a user, and the user then saves the image. On some accounts, the image is automatically saved to the user’s device, allowing little to no knowledge of how the hack occurred.
The result of this hack led to application malfunctions such as post deletions, private messages being accessed and collected, posting photos without user consent, and the implementation of malicious code. This hack can also disable or render your devices temporarily useless. However, the hack also led to access to the user’s contacts, location data, camera, and stored files within the device.
QR Code Hacks
Within the past year, QR code usage and hacking attempts have seen a rise. With the global usage of QR codes up during this pandemic, it is unlikely that the usage of QR codes with be going down anytime soon. According to the 2020 survey conducted by Mobile Iron, many believe that QR codes make our lives easier, as it has eliminated the waste of resources and information distribution time. In fact, 66% of those surveyed in the Mobile Iron survey stated that they believe QR codes have made their lives easier. However, the most concerning information from this survey is that a shocking 48% of those surveyed have concerns about QR codes and continue to use them despite their assumed risks. When asked a similar question of whether or not those surveyed could distinguish a malicious QR code, 64% stated that they did not know how to determine a malicious QR code.
Election/ Political Related Hacks
Election and other politically-related hacks have been on the rise this year. Many of these politically related hacks have centered around the current president of the United States, Donald Trump, or around official-looking emails that seem to be from the government.
According to Proofpoint, “Proofpoint researchers have observed an emerging trend of credential phishing and social engineering lures around COVID-19 financial relief. These campaigns use the promise of payments by global governments and businesses (specifically financial institutions) aimed at easing the economic impact of the ongoing pandemic to urge users to click links or download files.” Many mistakenly take these Trump Administration emails as truth and happily click these links or download these files included in the phishing emails. At a time of uncertainty many are looking for answers and economic help. These emails presented themselves are answers to many questions.
You have likely already received many phishing emails. The Federal Trade Commission suggests that a great practice with fraudulent or inauthentic emails is not to open the email if it looks suspicious. They state that if the email asks you to click on an unknown link or open a document that looks suspicious, do not open it. Some potential concerns include emails that offer a coupon and claim that you have too many login attempts, fake invoices, or missed payment notices.
We Can Help
If you have questions about where or how to address hacking attempts like the ones listed in this article, Synergy Infosec offers convenient website scanners on our easy-to-use dashboard and cybersecurity consultation services to help guide you in the right direction. Also, check out our other blogs like “What is Web Security?” or “What is Vulnerability Scanning?
The first thing any company should think of is protecting their business. Our cybersecurity scanners and tools will protect your business product, so you can focus on conquering the market and leaving your competitors far behind!
Sign up to receive our security newsletters